Last week we launched our first of three videos called “Meet Jim, A Model Employee … and Phishing Target” where Jeremy Piven discusses a major cybersecurity issue hitting organizations on a daily basis. The issue that was covered was phishing attacks that target innocent employees to take action that puts their personal information at risk and would take control of the corporate network. The message seems to be resonating with over 142,000 views within one week.
The second video that we are launching this week called “Ransomware Just Put Katie’s System Into Lockdown” centers around the major issue of ransomware and again, how an innocent employee who is getting hundreds of resumes for her role as an HR recruiter, gets duped to download malware by opening up a resume sent as a Word document. The malware ends up being ransomware and locks-up her machine until she pays a ransom to release her data.
The Federal Bureau of Investigation said ransomware attacks cost victims $209 million in the first three months of the year, which is about $330,000 an incident. And, almost 40 percent of enterprises have been hit by ransomware in the last year.
Here are three things to consider when it comes to ransomware:
- Ransomware cybercrime kits are readily accessible on the black market, enabling non-technical cybercriminals to license and deploy them in the execution of a ransomware campaign.
- Most organizations focus only on prevention, without formulating a “Plan B” to rely on when prevention doesn’t work. Traditional preventive systems, such as AV, are increasingly unable to detect and block the constantly changing flavors of ransomware.
- There is no single “ransomware security product” available. Since no single product can provide adequate protection because of the multifaceted nature of ransomware, and the creativity of the attackers who wield it, protection from ransomware must also be multi-faceted.
So, what happens when ransomware hits an organization? A lot:
- Organizations suffer from crippled productivity.
- Employees are locked out of vital productivity tools like email, calendars and contact lists, as well as other applications and files on affected systems.
- Customers are often impacted because customer-facing operations that are highly dependent on IT are not functional.
- Organizations often succumb to the pressure to pay the ransom to regain access to their applications and data, motivating and financing attackers to expand their ransomware campaigns.
- Data can be lost, damaged or corrupted after an attack, as not all ransomware is bug- free. And, in some cases, the attackers, if not paid in a timely manner, will destroy the decryption keys or some of your data in retribution.
As cybersecurity issues, such as ransomware, continue to be top-of-mind, Mimecast is committed to educating the millions of employees, C-Suite and board members on the impact of not only cyberthreats but also, the fact that employees take an inadvertent active role as a trusted insider to launch an attack against the company.
Telling the story of who your company is, and what you do is a consistent struggle for any business. As the nature of cyberattacks continues to evolve and get more interest beyond IT and Infosec, we here at Mimecast took an approach to conveying the problems organizations face in a way that everyone can understand. In other words….information security has gone mainstream and everyone is talking about it.
Because of this, we're taking a different approach to engaging the market. We're adding personality and a familiar face to convey the passion we have each and every day at solving major cybersecurity issues for global organizations.
That is why we engaged one of my favorite actors - Jeremy Piven a.k.a Mr. Selfridge or Ari Gold.
Working with Jeremy Piven and the production team was a great experience. Jeremy is a true artist with a strong desire for perfection and challenged us to help him convey the problem in a way that everyone can understand. Being that I have worked in the information security industry for over 16 years, I have found that we (the proverbial InfoSec vendors and professionals) overcomplicate the problem organizations face…only to leave the Board of Directors and the C-suite wondering what the true ROI is on their Infosec spend. The challenge was accepted by our team and we came up with an approach and message that everyone can understand within 60 seconds. The commercial project was an amazing and humbling experience that resulted in a three-part video series that will be rolling out over the next several weeks. The first of three video segments begins this week with our Protect Against Malicious Email URL Attacks video.
So you can get a sense of the problem the market is facing and our solution that helps protect against phishing attacks, below is the script of the first video for your reference.
JEREMY PIVEN: This is Jim. Jim is a model employee. So, when Jim gets an e-mail with the subject line "Employee Survey" with instructions to "click here to complete the survey", he eagerly clicks the link to provide his feedback.
JEREMY PIVEN: What Jim doesn't know is that e-mail was actually a phishing scam, and by clicking that URL, he just downloaded a remote access trojan that has given a cybercriminal remote access to his
computer and the corporate network.
JIM: No, no, no, no. . .
JEREMY PIVEN: Phishing scams like these, fooling innocent employees, happen every day and can cost your company thousands.
JEREMY PIVEN: For protection from cyberattacks like these, get Mimecast.
JEREMY PIVEN: Industry leading protection from spear-phishing, impersonation, and ransomware attacks.
JEREMY PIVEN: Mimecast, making email safer for business.
JEREMY PIVEN: It'll be alright.
As information security continues to be top of mind for businesses and continues to go “mainstream,” I challenge the rest of the security industry to commit to educating all businesses and their employees, C-suite and Board of Directors to better understand the impact of cyberattacks. Also, let’s educate them on how to best safeguard against different types of email attacks and the role employees play in launching an attack. I say, challenge accepted.
December 7, 2016We’re honored and humbled by Gartner’s recognition of Mimecast Cloud Archiving in its 2016 Magic Quadrant for Enterprise Information Archiving. With this year’s recognition, Mimecast has been named as a Leader for the second year in a row.
Moreover, for the first time, we placed highest within the Leader Quadrant for both Ability to Execute and Completeness of Vision. This momentous recognition offers an occasion for reflection on the nature of information archiving and our place in the market.
A Breakaway Moment
The range of archiving use cases we now help you address has multiplied as well, from regulatory compliance and legal risk mitigation to end-user enablement, mailbox management, and layered protection against the scourge of ransomware.Thanks in part to this transformation, we at Mimecast find ourselves in our own, corporate breakaway moment. We’ve grown rapidly on the heels of last year’s IPO. We continue to innovate aggressively on our platform and across the customer experience.Gartner’s EIA Magic Quadrant report sheds light on a breakaway moment. The state of archiving has clearly morphed. Freed from the confines of costly and labor-intensive premises-based infrastructures, today’s cloud-based solutions offer streamlined administration, fast search performance, and end-user value, in addition to affordability.
Finally, businesses and organizations now face their own breakaway opportunities, applying next-generation archiving technologies to master today’s myriad business challenges.
Documenting an Archiving Inflection Point
Like other recent analyst research reports, Gartner’s latest EIA MQ installment bravely captures a transition point in the fast-evolving archiving market. As I noted in an earlier post, the current roster of cloud archiving vendors have gotten here via a diversity of paths, including social media, search engine, backup-and-recovery, and enterprise content management (ECM), among others.
What brings us together? Three major business trends:
- Email’s primacy as a business resource
- More rigorous compliance requirements
- Increasing exposure to costly litigation
This lends the EIA market a “gene pool” that’s remarkably rich, which is both good and bad for businesses and organizations that seek the archiving solution best suited to their particular needs. Good in the sense that, no matter the set of use cases you seek to fulfill, the chance that the right solution is out there is quite high. Bad in the sense that finding that right solution can be challenging.
In this context, we applaud the work of Gartner. Gartner’s systematic assessments of vendors’ specific capabilities and strengths – and, by extension, these vendors’ long-term viability as solution partners – is invaluable for organizations who need to fully leverage technology while minimizing investment risk.
All Due Appreciation
On behalf of everyone on the global Mimecast team, I’d like to extend our deepest appreciation to the archiving analyst team at Gartner. We’ve thoroughly enjoyed working with you, into 2017 and beyond.
Special thanks to our customers, especially those who took the time to talk to Gartner analysts about your experiences before and after you began archiving with us. There’s nothing we appreciate more than your willingness to share your ideas with us and with the larger community.
Finally, thanks and kudos to my Mimecast teammates around the world! This recognition belongs to you. It’s a great mile marker in the wake of another big milestone, our one-year anniversary as a public company.
December 6, 2016The end of a year is often a time of reflection as organizations focus on what they might do differently in the year to come, how they might align themselves against their competitors, and up their game. As organizations think through their cybersecurity strategy for the coming year the challenge they face is how to plan for success.
This past year we’ve seen how cybercriminals continue to become more sophisticated and insidious by constantly revising, updating and re-inventing their tactics and technologies to launch attacks. We’ve seen our share of DDoS attacks, key political figures emails hacked, and ransomware attacks. Recently, we saw cybercriminals target the San Francisco Municipal Transportation Authority with a ransomware attack. Free rides for all! And, that wasn’t San Francisco offering an early holiday gift to locals.
Knowing 100 percent protection against today’s cyber threats is not realistic - cyber resilience becomes the name of the game. Building a cyber resilience strategy that layers state-of-the-art preventative systems, point-in-time recovery measures, and a means to maintain continuity during an attack can make a significant difference in fending off the myriad of sophisticated threats. We can’t predict all the attacks coming but we can build in cyber resilience and learn from what we have already seen.
Although we may not know all the answers of what’s to come, based on what we’ve seen over the year here are a few attacks that we, at Mimecast, think will rise up 2017:
- The Rise of Cyber Gangs - The past year has been rampant with attacks, and it’s only going to get worse. Not just in the number of attacks, but the sophistication. Attackers have been getting smarter, their data gathering techniques more sophisticated, and they’re becoming more organized. In 2017, we’ll likely see growing groups of attackers, as well as a network of shared information they’ve stolen. These groups will also likely clash, and we’ll see attackers going after each other as well as these virtual gangs grow, gain resources, and fight over territories in the digital landscape. As we all know everyone needs to protect against these threats, by taking a layered approach and ensure they have a proper cyber resilience strategy in place to combat these threats. But that can sometimes be out of reach for many organizations as they are always strapped for resources, budget and then management of said layers. Thus the massive shift of organizations moving to a cloud security strategy where you can get advanced security capabilities that would be out of reach to try and build on premise.
- Ransomware Continues to Evolve yet don’t take your eye off other threats - Ransomware will explode to become one of the biggest threats, fuelled by smaller ‘opportunist’ attackers using off-the-shelf kits to deploy malware. This is an easy and cheap attack method that produces fruitful results. Few organizations have effective defenses against this type of malware and now with bitcoins enabling the perpetrators to increase the distance from their victims further, it has never been so easy to get away with it. In the coming year, we should also expect more crypto-lockers and evolving forms of ransomware that deny access to desktops, network drives, and cloud services. And just as you focus your attention on ransomware issues you can’t be caught off guard by adversaries impersonating the CEO to transfer thousands of dollars to an offshore account or by basic phishing attacks that will cause employees to launch attacks on your organization.
Focus on Data Mining - One theme that is still overlooked is that it’s not just about wire transfers. Attackers aren’t just focused on money, they’re focusing on data mining and will use the data they gather in more advanced attacks to gather important data to be either sold on the Dark Web or used in future attacks. (Remember the W-2 fraud uptick earlier this year? We’re heading into tax season and can expect to see this again.) While Wire Transfer fraud is and will be an issue in the future, organizations need to also think about where else they’re susceptible and ensure they have the appropriate protective measures in place. Backups are essential, but the evolution of ransomware is staggering and organizations need to ensure their gateway, firewall, endpoint and other security solutions are consistently up-to-date.
- Cyber Espionage to Cause More Political Disruption - Nation states and their sponsored operatives will use cyber espionage more and more to cause political shifts, disruption, and to gain economic advantage. This will involve, but will not be limited to, email hacking and disclosure of other forms of intercepted private communications, disruption of and interference with critical national infrastructures (Stuxnet 2).
- Reigning-in Data Residency and Governance – The impending GDPR will focus European organizations on improving their security and privacy programs significantly in 2017. And, at the same time increased state-sponsored attacks will lead to more stringent rules around data residency and governance, as well as state firewalls being considered to mitigate threats and allow a regional business activity to continue. Advancements in managing internet traffic from different geographies may also become a focus as global trade landscape changes.
- Impersonation Attacks in the Spotlight - 2016 has been the year of ransomware and it’s no secret that social engineering attacks, like phishing, spear-phishing, and domain spoofing have grown from being a nuisance to a huge problem. However, one of the lesser publicized problems is impersonation attacks. Whaling attacks can cost organizations millions in financial losses. In fact, according to the U.S. Federal Bureau of Investigation, whaling attacks led to more than $2.3 billion in losses over the last three years. We expect to see whaling attacks as the next “it” attack flooding the media.
- Macro Malware Still in the Game – Once thought of as a thing of the past, macro malware has reared its ugly head into the ring of attack methods cybercriminals are using. While most organizations choose to block executable attachments at the gateway by default, they must still allow files, such Microsoft Office documents, to pass freely if employees are to be productive. Attackers exploit this by weaponizing files in these common formats. According to our own research, we found that 50% of firms have seen email attacks that use macros in attachments increase over the last year. Why? Well, it’s such a simple tactic with little proactive AV detection, and that’s why we’ll continue to see waves of Macro malware into next year and beyond.
Taking the time to reflect on all the ups and downs we’ve seen in cybersecurity over the last year, offered me greater clarity into what we may expect to see in 2017. Stay safe this holiday season, as it’s unlikely that attackers will all be taking the holidays off…
What do you think the New Year may bring? Voice your comments below.